Privacy, Confidentiality, and Electronic Medical Records

From Clinfowiki

This is a review of the Barrows, R., & Clayton, P. (1996) article, Privacy, Confidentiality, and Electronic Medical Records. [1]

Goals of Informational Security in Health Care

Although health information is becoming more readily available in health care settings to improve quality and reduce health care costs, there is concern for privacy and confidentiality. An electronic medical record (EMR) allows providers and clinicians to access and share a patient's health information among authorized individuals. The growing number of authorized users, including users with remote access and users at multiple sites, can reduce privacy, because every additional user is a potential point of disclosure. Because there is a risk of a breach of privacy and confidentiality, healthcare organizations should establish security measures to protect their data.

To assist organizations, the goals of informational security in health care should be considered.

  • Ensure the privacy of patients and confidentiality of health care data
  • Ensure the integrity of health care data
  • Ensure the availability of health data for authorized persons

Security Policy

A cohesive security policy for securing health data should be in place to reduce vulnerability [2]. Organizations should define a policy that will not only protect their patients but also their personnel who are authorized to view data and outside vendors such as insurance companies and managed care organizations.

Organizations should define their security policy based on the following factors:

  • Functional requirements of an information system
  • Security requirements for the system
  • A threat model

Privacy and Confidentiality in Health Care

In addition to a security policy, privacy and confidentiality should also be established between clinicians and patients. When patients trust clinicians with their medical data, privacy and confidentiality are established. There are different measures organizations can implement to protect privacy and confidentiality:

  • Establish data ownership and legal accountability
  • Implement informed consent to disclosure
  • Establish the primary uses of medical records
  • Create user authentication and access control [3]
    • Password security
    • User-specific or role-specific views
  • Implement encryption software (cryptography)
  • Implement protocols and mechanisms that test and verify data (data integrity)
  • Create firewalls between EMR sites and internal networks
  • Implement audit trail software
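The following added example (not from the article or the wiki) shows how three of the measures above fit together: role-specific views of a record, an audit trail entry for every access attempt, and a data-integrity check on the stored record. The patient record, the roles, the key and the view policy are all constructed for illustration.

```python
import hmac, hashlib, json
from datetime import datetime, timezone

# Constructed sample record; not real patient data.
RECORD = {"patient_id": "P-0001", "name": "Jane Example", "dob": "1970-01-01",
          "diagnosis": "hypertension", "medications": ["lisinopril"],
          "billing": {"insurer": "ExampleCare", "account": "ACCT-12345"}}

# Role-specific views: the fields each role may see (hypothetical policy).
VIEWS = {
    "physician": {"patient_id", "name", "dob", "diagnosis", "medications"},
    "billing_clerk": {"patient_id", "name", "billing"},
    "receptionist": {"patient_id", "name", "dob"},
}

INTEGRITY_KEY = b"constructed-demo-key"   # in practice this comes from a key store

def integrity_tag(record):
    """HMAC over a canonical JSON encoding of the record; detects tampering."""
    canonical = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(INTEGRITY_KEY, canonical, hashlib.sha256).hexdigest()

def access_record(user, role, record, tag, audit_log):
    """Return the role-specific view of `record`, writing an audit entry for
    every attempt. Raises PermissionError for an unknown role and ValueError
    when the stored record no longer matches its integrity tag."""
    entry = {"ts": datetime.now(timezone.utc).isoformat(), "user": user, "role": role,
             "patient_id": record["patient_id"], "outcome": "denied"}
    audit_log.append(entry)          # appended first so denials are recorded too
    if role not in VIEWS:
        raise PermissionError(f"role {role!r} has no view defined")
    if not hmac.compare_digest(integrity_tag(record), tag):
        entry["outcome"] = "integrity_failure"
        raise ValueError("record integrity check failed")
    view = {k: v for k, v in record.items() if k in VIEWS[role]}
    entry["outcome"] = "granted"
    entry["fields"] = sorted(view)   # the audit trail records exactly what was seen
    return view

if __name__ == "__main__":
    log = []
    tag = integrity_tag(RECORD)
    print(access_record("dr_lee", "physician", RECORD, tag, log))
    print(access_record("bclerk", "billing_clerk", RECORD, tag, log))
    tampered = dict(RECORD, diagnosis="none")   # simulated unauthorized alteration
    try:
        access_record("dr_lee", "physician", tampered, tag, log)
    except ValueError as exc:
        print("blocked:", exc)
    for e in log:
        print(e)
```

The billing clerk never receives the diagnosis, the physician never receives the account number, and an altered record is refused before any view is built; the audit log shows each of these outcomes.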

Proliferation of Healthcare Regulations

  • HIPAA - The Health Insurance Portability and Accountability Act (HIPAA) protects the privacy of an individual’s health information and governs the way health care providers manage and disclose protected health information (PHI). Healthcare providers must introduce appropriate systems and practices to comply with HIPAA.
  • ARRA-HITECH – The Health Information Technology for Economic and Clinical Health Act (HITECH) provisions of the American Recovery and Reinvestment Act (ARRA) expand HIPAA privacy requirements and create new challenges for healthcare privacy and security teams. In particular, the act introduces new regulations governing the confidentiality of EHRs.
  • FTC Red Flags Rule – The Federal Trade Commission (FTC) Red Flags Rule requires healthcare providers to institute new systems and practices to combat identity theft. Providers have until June 1st 2010 to comply with this law.
  • State Laws – U.S. healthcare providers must abide by both federal and state regulations. Forty-five states have enacted privacy breach notification laws – many of which are more stringent than federal laws.
  • International Regulations – Healthcare privacy rules are not limited to the United States. The European Union and many individual countries and provinces in other parts of the world have implemented patient confidentiality laws.

Healthcare Privacy Breach Examples

Patient privacy is a serious matter for healthcare providers and patients alike. Patients can suffer financial damage if their billing data (credit card number, social security number) is stolen or emotional harm if PHI is disclosed. Healthcare providers can face stiff fines and suffer damage to their reputation if their records or systems are compromised. Examples of privacy breaches include:

  • VIP record snooping – disclosing a celebrity’s medical records. One notable case involved a UCLA Medical Center employee leaking Farah Fawcett’s cancer treatment records to the tabloids.
  • Financial identity theft – stealing patient data for financial gain. An admissions clerk at the Baptist Health Medical Center in Little Rock, AR was recently accused of using stolen patient information to buy Wal-Mart gift cards. Approximately 1,800 patient records were exposed.
  • Medical identity theft – using patient data to initiate bogus or inflated treatment claims, purchase prescription drugs, or obtain free medical treatment. Not long ago a front desk clerk at a Florida medical clinic downloaded information on more than 1,100 Medicare patients and gave it to a cousin who made $2.8 million in false Medicare claims.
  • Coworker, family member and neighbor snooping – disclosing a patient’s medical records to an unauthorized person. In a recent investigative report, CNN reporter Elizabeth Cohen was able to retrieve 18 months’ worth of medical records for colleague Gary Tuchman and his entire family in minutes – on live television – using only his date of birth and social security number.

A Comparison of the Paper and Electronic Record Environments

Electronic records are more secure than paper records if and when the right policies are in place. For instance, with paper records organizations cannot keep audit trails or restrict information based on user roles. In a paper record, all data is accessible to all viewers. In addition, paper records can potentially be misplaced and altered without any trace.

In conclusion, as EMR adoption increases, healthcare organizations need to ensure that although they are allowing users to view and share patient data among one another, security remains a top priority. Electronic security features and the protocols around them should be built into EMR applications at the time they are created, not added afterwards. There are many barriers organizations will encounter with security, but if they follow the recommendations above it will be beneficial to themselves, their users and their patients.


As a security analyst in my current employment, I have seen firsthand my organization implement the recommendations mentioned in the article. Privacy and confidentiality are always in question when granting users access to EMRs. As a security analyst, I find myself asking users when granting access, "What type of access do you need?" "Why do you need access?" Therefore, in my opinion I feel that privacy, confidentiality and security should be considered core fundamental principles which organizations must define and establish prior to granting users access to their EMRs.

Related Article

  1. Barrows RC, Clayton PD. Privacy, Confidentiality, and Electronic Medical Records. J Am Med Inform Assoc. 1996 Mar;3(2):139-48. DOI: 10.1136/jamia.1996.96236282. Retrieved from
  2. Curran WJ, Steams B, Kaplan H. Privacy, confidentiality and other legal considerations in the establishment of a centralized health-data system. N Engl J Med. 1968;281:241-8.
  3. Orr GA, Brantley BA. Development of a model of information security requirements for enterprise-wide medical information systems. In: Frisse ME, ed. Proceedings of the Sixteenth Annual Symposium on Computer Applications in Medical Care. New York: McGraw-Hill, 1992:287-91.